41 _In_reads_bytes_(BufferLength)
PVOID Buffer,
169 UINT64 OptionalParam1,
170 UINT64 OptionalParam2,
171 UINT64 OptionalParam3);
BOOLEAN PoolManagerCallbackRequestAllocation(SIZE_T Size, UINT32 Count, POOL_ALLOCATION_INTENTION Intention)
routine callback to request pool allocation
Definition Callback.c:335
BOOLEAN PoolManagerCallbackFreePool(UINT64 AddressToFree)
routine callback to free pool
Definition Callback.c:378
BOOLEAN DebuggingCallbackHandleDebugBreakpointException(UINT32 CoreId)
routine callback to handle debug breakpoint exception
Definition Callback.c:252
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE VmmCallbackTriggerEvents(VMM_EVENT_TYPE_ENUM EventType, VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE CallingStage, PVOID Context, BOOLEAN *PostEventRequired, GUEST_REGS *Regs)
routines callback to trigger events
Definition Callback.c:26
UINT64 PoolManagerCallbackRequestPool(POOL_ALLOCATION_INTENTION Intention, BOOLEAN RequestNewPool, UINT32 Size)
routine callback to request pool
Definition Callback.c:358
BOOLEAN VmmCallbackHandleMtfCallback(UINT32 CoreId)
routine callback to handle MTF callback
Definition Callback.c:189
BOOLEAN VmmCallbackRestoreEptState(UINT32 CoreId)
routine callback to restore EPT state
Definition Callback.c:145
VOID VmmCallbackSetLastError(UINT32 LastError)
routine callback to set last error
Definition Callback.c:47
BOOLEAN DebuggingCallbackHandleBreakpointException(UINT32 CoreId)
routine callback to handle breakpoint exception
Definition Callback.c:231
BOOLEAN VmmCallbackQueryTerminateProtectedResource(UINT32 CoreId, PROTECTED_HV_RESOURCES_TYPE ResourceType, PVOID Context, PROTECTED_HV_RESOURCES_PASSING_OVERS PassOver)
routine callback to query for termination of protected resources
Definition Callback.c:122
BOOLEAN DebuggingCallbackTriggerOnClockAndIpiEvents(UINT32 CoreId)
routine callback to trigger on clock and IPI events for checking process or thread change
Definition Callback.c:294
VOID VmmCallbackNmiBroadcastRequestHandler(UINT32 CoreId, BOOLEAN IsOnVmxNmiHandler)
routine callback to handle NMI requests
Definition Callback.c:98
BOOLEAN DebuggingCallbackCheckThreadInterception(UINT32 CoreId)
routine callback to handle thread interception
Definition Callback.c:273
BOOLEAN VmmCallbackVmcallHandler(UINT32 CoreId, UINT64 VmcallNumber, UINT64 OptionalParam1, UINT64 OptionalParam2, UINT64 OptionalParam3)
routine callback to handle external VMCALLs
Definition Callback.c:72
BOOLEAN DebuggingCallbackIgnoreHandlingMov2DebugRegs(UINT32 CoreId)
routine callback to ignore handling mov 2 debug registers
Definition Callback.c:313
BOOLEAN HyperTraceCallbackLbrIsSupported(UINT32 *Capacity, BOOLEAN *IsArchLbr)
routine callback to check if LBR is supported and get the LBR capacity if supported
Definition Callback.c:211
VOID InterceptionCallbackTriggerCr3ProcessChange(UINT32 CoreId)
routine callback to handle cr3 process change
Definition Callback.c:398
IMPORT_EXPORT_HYPERLOG BOOLEAN LogCallbackSendBuffer(_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)
routines callback for sending buffer
Definition HyperLogCallback.c:123
IMPORT_EXPORT_HYPERLOG BOOLEAN LogCallbackCheckIfBufferIsFull(BOOLEAN Priority)
Checks whether the priority or regular buffer is full or not.
Definition Logging.c:262
IMPORT_EXPORT_HYPERLOG BOOLEAN LogCallbackSendMessageToQueue(UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)
Send string messages and tracing for logging and monitoring.
Definition Logging.c:1214
IMPORT_EXPORT_HYPERLOG BOOLEAN LogCallbackPrepareAndSendMessageToQueueWrapper(UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)
Prepare a printf-style message mapping and send string messages and tracing for logging and monitorin...
Definition Logging.c:987
BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperEvade.h:34
BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)
A function from the message tracer that send the inputs to the queue of the messages.
Definition HyperEvade.h:23
BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL)(BOOLEAN Priority)
A function that checks whether the priority or regular buffer is full or not.
Definition HyperEvade.h:49
BOOLEAN(* HYPERTRACE_LBR_IS_SUPPORTED)(UINT32 *Capacity, BOOLEAN *IsArchLbr)
A function that checks if LBR is supported on the current CPU and gets its capacity.
Definition HyperEvade.h:55
BOOLEAN(* LOG_CALLBACK_SEND_BUFFER)(_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperEvade.h:40
BOOLEAN(* VMM_CALLBACK_QUERY_TERMINATE_PROTECTED_RESOURCE)(UINT32 CoreId, PROTECTED_HV_RESOURCES_TYPE ResourceType, PVOID Context, PROTECTED_HV_RESOURCES_PASSING_OVERS PassOver)
Check and modify the protected resources of the hypervisor.
Definition VMM.h:158
BOOLEAN(* DEBUGGING_CALLBACK_HANDLE_BREAKPOINT_EXCEPTION)(UINT32 CoreId)
A function that checks and handles breakpoints.
Definition VMM.h:71
struct _VMM_CALLBACKS VMM_CALLBACKS
Prototype of each function needed by VMM module.
UINT64(* POOL_MANAGER_REQUEST_POOL)(POOL_ALLOCATION_INTENTION Intention, BOOLEAN RequestNewPool, UINT32 Size)
Request pool.
Definition VMM.h:110
BOOLEAN(* VMM_CALLBACK_VMCALL_HANDLER)(UINT32 CoreId, UINT64 VmcallNumber, UINT64 OptionalParam1, UINT64 OptionalParam2, UINT64 OptionalParam3)
Handler of debugger specific VMCALLs.
Definition VMM.h:167
BOOLEAN(* DEBUGGING_CALLBACK_HANDLE_DEBUG_BREAKPOINT_EXCEPTION)(UINT32 CoreId)
A function that checks and handles debug breakpoints.
Definition VMM.h:77
VOID(* INTERCEPTION_CALLBACK_TRIGGER_CR3_CHANGE)(UINT32 CoreId)
Handle cr3 process change callbacks.
Definition VMM.h:140
BOOLEAN(* POOL_MANAGER_REQUEST_ALLOCATION)(SIZE_T Size, UINT32 Count, POOL_ALLOCATION_INTENTION Intention)
Request pool allocation.
Definition VMM.h:104
BOOLEAN(* POOL_MANAGER_FREE_POOL)(UINT64 AddressToFree)
Free pool.
Definition VMM.h:116
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE(* VMM_CALLBACK_TRIGGER_EVENTS)(VMM_EVENT_TYPE_ENUM EventType, VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE CallingStage, PVOID Context, BOOLEAN *PostEventRequired, GUEST_REGS *Regs)
A function that handles trigger events.
Definition VMM.h:61
BOOLEAN(* VMM_CALLBACK_CHECK_UNHANDLED_EPT_VIOLATION)(UINT32 CoreId, UINT64 ViolationQualification, UINT64 GuestPhysicalAddr)
Check for unhandled EPT violations.
Definition VMM.h:128
BOOLEAN(* DEBUGGING_CALLBACK_TRIGGER_ON_CLOCK_AND_IPI_EVENTS)(_In_ UINT32 CoreId)
Trigger on clock and IPI events for checking process or thread change.
Definition VMM.h:89
BOOLEAN(* VMM_CALLBACK_HANDLE_MTF_CALLBACK)(UINT32 CoreId)
Handle MTF callback.
Definition VMM.h:134
VOID(* VMM_CALLBACK_SET_LAST_ERROR)(UINT32 LastError)
Set the top-level driver's error status.
Definition VMM.h:152
VOID(* VMM_CALLBACK_NMI_BROADCAST_REQUEST_HANDLER)(UINT32 CoreId, BOOLEAN IsOnVmxNmiHandler)
Handle NMI broadcast.
Definition VMM.h:146
BOOLEAN(* DEBUGGING_CALLBACK_IGNORE_HANDLING_MOV_2_DEBUG_REGS)(_In_ UINT32 CoreId)
routine callback to ignore handling mov 2 debug registers
Definition VMM.h:98
BOOLEAN(* DEBUGGING_CALLBACK_CHECK_THREAD_INTERCEPTION)(UINT32 CoreId)
Check for thread interception in user-debugger.
Definition VMM.h:83
struct _VMM_CALLBACKS * PVMM_CALLBACKS
BOOLEAN(* VMM_CALLBACK_RESTORE_EPT_STATE)(UINT32 CoreId)
Check for user-mode access for loaded module details.
Definition VMM.h:122
Prototype of each function needed by VMM module.
Definition VMM.h:182
VMM_CALLBACK_CHECK_UNHANDLED_EPT_VIOLATION VmmCallbackCheckUnhandledEptViolations
Definition VMM.h:205
Definition BasicTypes.h:136